Non-technical brain, is @safe by default good or not?

Bruce Carneal bcarneal at gmail.com
Wed May 27 16:13:31 UTC 2020


On Wednesday, 27 May 2020 at 15:57:12 UTC, aberba wrote:
> On Wednesday, 27 May 2020 at 14:23:30 UTC, Mathias LANG wrote:
>> [...]
>
> That's what I'm thinking...it seems the interest in taking too 
> from Rust seems very concerning.
>
> Walter himself has said many times he does not write 
> application/library code. My worst fear is engineering gone 
> bad. Where technical people build a technology with technical 
> judgement only to fail at it because it ends up being too 
> difficult to use for everyday code. And that's how I see things.
>
> When it's said that MANY people agree that @safe by default is 
> THE way to go, I wonder if it's based on some few vocal people 
> or it's an accurate representation of a general interest in 
> direction.
>
>
>> [...]
>
> That's very concerning. Are the MANY vocal ones using D in 
> system code or application, production or hobby? This all 
> shapes one's opinion.

I think it's simpler.  Currently, @safe means "machine checked".  
Post 1028 @safe means "machine checked unless you call a C 
library, or anything you call calls a C library or anything 
that...".  Post 1028 the compiler treats all unmarked extern(C) 
routines as if they had been machine verified.  Since they have 
not been machine verified, and in most cases can not be machine 
verified even if the source code were available, the post 1028 
compiler is complicit in propagating dangerous code.

To be clear, I like @safe by default.  I just don't like the 
compiler lying to me.  DIP 1028 could be altered to remove the 
problem but Walter, at least to date, refuses.
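
The distinction drawn in the post above, as an added example that is not part of the original message: an unmarked extern(C) prototype is @system on a compiler without DIP 1028, so @safe code cannot call it, and a @trusted wrapper is the reviewable place where the missing checks live. The wrapper `copyBytes`, the function `demo` and the sample buffers are constructed for illustration.

```d
import std.stdio : writeln;
import std.traits : isSafe;

// Unmarked C prototype. Without DIP 1028 it is @system: the compiler has
// verified nothing about it. The post's objection is that under DIP 1028
// this same line would be accepted as @safe without any verification.
extern (C) void* memcpy(void* dst, const(void)* src, size_t n);

// Without DIP 1028: the prototype is not @safe ...
static assert(!isSafe!memcpy);

// ... so a @safe caller is rejected at compile time. Under DIP 1028 as
// described in the post, this call would compile, and the unchecked
// length 64 would flow into C from code labelled "machine checked".
static assert(!__traits(compiles,
    (void* d, const(void)* s) @safe { memcpy(d, s, 64); }));

// The explicit boundary: a human vouches for this function, and it
// enforces the length relation that the C prototype cannot express.
@trusted void copyBytes(ubyte[] dst, const(ubyte)[] src)
{
    if (src.length > dst.length)
        throw new Exception("copyBytes: source larger than destination");
    if (src.length != 0)
        memcpy(dst.ptr, src.ptr, src.length);
}

// Machine-checked code reaches C only through the audited wrapper.
@safe ubyte[] demo()
{
    auto small = new ubyte[4];                 // constructed sample buffers
    const(ubyte)[] big = [1, 2, 3, 4, 5, 6, 7, 8];

    copyBytes(small, big[0 .. 4]);             // fits: copied
    try
        copyBytes(small, big);                 // 8 bytes into 4: refused
    catch (Exception e)
        small[0] = 0xFF;                       // mark that the guard fired
    return small;
}

void main()
{
    writeln(demo());
}
```

Auditing a code base for memory-safety risk then reduces to searching for `@trusted` and `@system`; that search stops being sufficient if unmarked extern(C) declarations count as @safe.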



